CPSC 457:Costs of SpamSpam originates mainly from:Anti-spam LegislationCAN-SPAM Act of 2003Slide 6Criminal Spam Act of 2003SPAM ActSlide 9REDUCE Spam Act of 2003REDUCE Spam Act 0f 2003Anti-Spam Act of 2003Slide 13Reduction in Distribution of Spam Act of 2003Problems with proposed legislationSlide 16Anti-spam legislation in the EU and UKWorld’s Fourth Largest SpammerWorld’s Premier SpammerSpam blocking technologySpam TricksSteps individuals can takeCPSC 457: Sensitive Information in a Wired WorldAnti – Spam Legislation and TechnologyJeannie WongCosts of SpamIn the U.S. and the E.U., half of all email are unsolicited commercial emails.The Federal Trade Commission maintains and monitors a spam database, and has set up a special mailbox that receives 40 thousand junk emails a day.Spam is used not only to peddle merchandise and various money-making scams, but also to disseminate computer viruses.FTC: spam costs between $10 billion and $87 billion annually. 7 billion pieces of spam are sent daily, which drains bandwidth and productivity.ISPs pass the increased cost along to their customers.Schumer: NYC residents receive 8.25 million pieces of spam daily and spend 4.2 million hours annually deleting them.Jupiter Research:in 2002, $1.4 billion spent on email marketing campaigns in 2007, $8.3 billion will be spentAnti-spam technology is an $88 million industry.Spam originates mainly from:1. United States - 33% 2. China - 18% 3. Korea - 9% 4. Brazil - 4% 5. Canada - 3 % 6. United Kingdom - 2% 7. Italy - 2% 8. Mexico - 2% 9. Germany - 2% 10. Taiwan - 1%Anti-spam Legislation107th Congress: 8 bills106th Congress: 11 bills108th Congress: 9 bills Anti-Spam Act of 2003Ban on Deceptive Unsolicited Bulk Electronic Mail Act 0f 2003CAN-SPAM Act of 2003Computer Owners’ Bill of RightsCriminal Spam Act of 2003REDUCE Spam Act of 2003Reduction in Distribution of Spam Act of 2003Stop Pornography and Abusive Marketing ActWireless Telephone Spam Protection ActCAN-SPAM Act of 2003Controlling the Assault of Non-Solicited Pornography and Marketing ActReintroduced for the third time in April 2003 by Sen. Conrad R. Burns (R-MT) and Sen. Ron Wyden (D-OR) Requires unsolicited commercial email messages to be labeled, to include opt-out instructions, workable return email addresses, and the sender’s physical addressPreempts state laws that prohibit unsolicited commercial email outrightImposes fines of up to $10 per email on spammers if the receiver has opted out, up to $500,000, and a fine of up to $1.5 million for spammers who willingly and knowingly violated the lawCAN-SPAM Act of 2003Imposes fines of up to $1 million for delibrately deceptive emailA criminal penalty of up to a year in jail for spammers who include deceptive subject lines and misleading header information.Criminal Spam Act of 2003Introduced June 19, 2003 by Sen. Orrin Hatch (R-UT)Cosponsors: Senators Leahy, Schumer, Grassley, Feinstein, DeWine, Edwards, Wyden, Burns, Pryor, Miller, and Nelson. Prohibits unauthorized or deceptive use of a third party’s computer for relaying bulk commercial email messagesProhibits the use of false header information in bulk commercial messagesRegulates the use of multiple email accounts or domain names for the purposes of sending such messages. Applies only to quantities or more than 100 messages within 24 hours, or 1000 within 30 days, or 10000 within one year.Senders of email with misleading headers may fined up to $25,000 each day or receive up to five years in federal prisonSPAM ActStop Pornography and Abusive Marketing ActIntroduced in June 2003, Sen. Charles Schumer (D-NY)Establishes a national “no-spam” registry, administered by the FTC, using fees paid for marketers for access to the listFTC would be empowered to prohibit explicit commercial messages to minors even if they are not on the list Requires full disclosure in email headers and addresses, require working unsubscribe mechanisms, ban the use of false sender names, and automated harvesting of email addressesSPAM ActAll messages that contain commercial content must have the letters ADV in the subject line, except those sent in compliance with an FTC-approved self-regulatory program, and must include the sender’s physical address.Jail time of up to 2 years for severe repeat offenders.$75 million needed to create the system, including the FTC registry and for enforcement.Supports domain-wide opt-outREDUCE Spam Act of 2003Restrict and Eliminate the Delivery of Unsolicited Commercial Electronic Mail or Spam Act of 2003Introduced in May 2003 by Rep. Zoe Lofgren (D-CA) Unsolicited bulk commercial email messages would be required to include a valid reply address and opt-out instructions, and a label (“ADV:” or “ADV:ADLT” or some other form of recognized standard identification)Applies to messages send in the same or similar form to 1000 or more email addresses within a two-day periodFalse or misleading headers and deceptive subject lines would be prohibited in all unsolicited commercial email messages, whether or not sent in bulkREDUCE Spam Act 0f 2003Similar to the Burns-Wyden bill with the addition of a reward of 20 percent of the civil fine levied by the U.S. Federal Trade Commission against the spammer to the first person to report a spam offender. Gives Internet service providers the right to bring civil actions against marketers who violate those requirements and disrupt their networks, and it allows for criminal fines and up to a year in prison for fraudulent spam.Anti-Spam Act of 2003Introduced June 18, 2003 by Rep. Heather Wilson (R-NM)Cosponsors: Rep. Rick Boucher (D-VA) & Rep. Ed Markey (D-MA)Commercial email messages must be identified as such, must include the sender’s physical street address, and an opt-out mechanism.Messages relating to a specific transaction and consented to by the recipient would be exempt from the requirementsSexually explicit messages must be identified with a standard labelCommercial email messages with false or misleading message headers or misleading subject lines are prohibited.Anti-Spam Act of 2003Sending commercial email messages to addresses generated by an automated dictionary attack would be illegal.Preempts state laws that restrict the sending commercial email, regulate opt-out procedures, or
View Full Document